Upx
upx
35 CVEs • 1 product
Products (1)
Click to collapseToggle
Products (1)
Click to collapse
CVEs (35)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
A floating point exception issue was discovered in UPX in PackLinuxElf64::invert_pt_dynamic() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading...Show more |
A Segmentaation fault was found in UPX in invert_pt_dynamic() function in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service. |
3Fedoraproject RedhatUpx3Enterprise Linux FedoraUpxApr 11, 2025 May 27, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file. |
3Fedoraproject RedhatUpx3Enterprise Linux FedoraUpxApr 11, 2025 May 27, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file. |
A heap buffer overflow read was discovered in upx 4.0.0, because the check in p_lx_elf.cpp is not perfect. |
A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw allows attackers to cause a denial of service (SEGV or buffer overflow and application crash) or possibly have unspecified other impacts via a crafte...Show more |
p_lx_elf.cpp in UPX before 3.96 has an integer overflow during unpacking via crafted values in a PT_DYNAMIC segment. |
2Opensuse Upx3Backports LeapUpxApr 11, 2025 Dec 27, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file. |
2Fedoraproject Upx2Fedora UpxApr 11, 2025 Dec 27, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to denial of service. |
2Fedoraproject Upx2Fedora UpxApr 11, 2025 Dec 27, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Mach-O file. |
canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (SEGV or buffer overflow, and application crash) or possibly have unspecified other impact via a crafted UPX packed file. |
An Integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed execu...Show more |
PackLinuxElf64::unpack in p_lx_elf.cpp in UPX 3.95 allows remote attackers to cause a denial of service (double free), limit the ability of a malware scanner to operate on the entire original data, or possibly have unspe...Show more |
p_mach.cpp in UPX 3.94 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted Mach-O file, related to canPack and unpack...Show more |
p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by an I...Show more |